In classical software, the call graph is static — you know at deploy time which function calls which. In agentic systems, the execution graph is dynamic. An agent can decide mid-task that it needs a sub-agent, spawn one, delegate work to it, and merge the results. This is powerful. It is also terrifying if you don't have the right guardrails.
Why agents spawn sub-agents
Long-horizon tasks naturally decompose. A COO Agent tasked with "prepare Q2 board materials" will identify sub-tasks: financial summary (pull from accounting integration), operational highlights (query CRM and project management), headcount analysis (query HRIS), risk register (review open items). Each sub-task is independent and can be parallelized. Spawning a specialist sub-agent for each is faster and produces better results than doing them sequentially in a single context.
The guardrail stack
Without limits, a single top-level task could spawn an unbounded tree of agents, each incurring model costs and integration calls. Our guardrail stack enforces: a maximum spawn depth (default: 3 levels), a maximum total agent count per task (default: 12), a spend cap per task that triggers escalation if exceeded, and a time-to-live for spawned agents after which they are automatically terminated and their partial results surfaced.
In our analysis of 1.2M completed long-horizon tasks, 34% involved at least one dynamically spawned sub-agent. Tasks with sub-agents completed 2.3x faster on average.
What's next
We're exploring persistent sub-agents — spawned agents that survive beyond a single task and accumulate domain memory. The challenge is identity and authorization: a dynamically created agent should inherit a scoped subset of its parent's permissions, not the full set. We expect to ship a preview of persistent sub-agents in Q3 2026.